<?php
require_once dirname(__FILE__) . '/../common.inc.php';

header('Content-Type: text/plain');

$myPdo = DbUtils::createPdoInst();

$action = MiscUtils::getParam('action', NULL);
try {
  $myPdo->beginTransaction();
  switch ($action) {
    case 'product':
      product($myPdo);
      break;
    case 'update_product':
      update_product($myPdo);
      break;
    case 'attribute':
      attribute($myPdo);
      break;
    case 'update_attribute':
      update_attribute($myPdo);
      break;
    case 'option':
      option($myPdo);
      break;
    case 'delete_product_image':
      delete_product_image($myPdo);
      break;
    case 'delete_option_image':
      delete_option_image($myPdo);
      break;
    case 'delete_option':
      delete_option($myPdo);
      break;
    case 'delete_products':
      delete_products($myPdo);
      break;
    case 'delete_attributes':
      delete_attributes($myPdo);
      break;
    case 'set_default_option':
      set_default_option($myPdo);
      break;
    case 'customer':
      customer($myPdo);
      break;
    case 'update_customer':
      update_customer($myPdo);
      break;
    case 'address':
      address($myPdo);
      break;
    case 'delete_customer_image':
      delete_customer_image($myPdo);
      break;
    case 'delete_addresses':
      delete_addresses($myPdo);
      break;
    case 'delete_customers':
      delete_customers($myPdo);
      break;
    case 'payment':
      payment($myPdo);
      break;
    case 'update_payment':
      update_payment($myPdo);
      break;
    case 'delete_payments':
      delete_payments($myPdo);
      break;
    case 'shipping':
      shipping($myPdo);
      break;
    case 'update_shipping':
      update_shipping($myPdo);
      break;
    case 'delete_shippings':
      delete_shippings($myPdo);
      break;
    case 'delete_orders':
      delete_orders($myPdo);
      break;
    case 'update_order':
      update_order($myPdo);
      break;
    case 'add_purchase':
      add_purchase($myPdo);
      break;
    case 'update_purchase':
      update_purchase($myPdo);
      break;
    case 'delete_purchases':
      delete_purchases($myPdo);
      break;
    case 'delete_transactions':
      delete_transactions($myPdo);
      break;
    case 'save_transaction':
      save_transaction($myPdo);
      break;
    case 'find_order':
      find_order($myPdo);
      break;
    case 'save_parcel': 
      save_parcel($myPdo);
      break;
    case 'delete_parcels':
      delete_parcels($myPdo);
      break;
    case 'delete_categories':
      delete_categories($myPdo);
      break;
    default:
      break;
  }
  $myPdo->commit();
} catch (PDOException $e) {
  echo ERROR_SIGN . $e->getMessage();
}

function product($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_product', $q);
  } else {
    $q->date_added = date("Y-m-d H:i:s");
    $q->date_last_mod = date("Y-m-d H:i:s");
    DbUtils::add($myPdo, 'pz_ecom_product', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function update_product($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->p)) {
    $q->p->date_last_mod = date("Y-m-d H:i:s");
    DbUtils::update($myPdo, 'pz_ecom_product', $q->p);
  }
  
  if ($q->a) {
    if (isset($q->a->id)) {
      DbUtils::update($myPdo, 'pz_ecom_product_attribute', $q->a);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_product_attribute', $q->a);
    }
  }
  
  foreach ($q->opts as &$tmp) {
    if (isset($tmp->id)) {
      DbUtils::update($myPdo, 'pz_ecom_product_option', $tmp);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_product_option', $tmp);
    }
  }
  
  echo json_encode(array());
}

function attribute($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $myPdo->exec('UPDATE `pz_ecom_product` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q->product_track_id . '\'');
  
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_product_attribute', $q);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_product_attribute', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function update_attribute($myPdo) {
if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $myPdo->exec('UPDATE `pz_ecom_product` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q->a->product_track_id . '\'');
  
  if (isset($q->a->id)) {
    DbUtils::update($myPdo, 'pz_ecom_product_attribute', $q->a);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_product_attribute', $q->a);
  }
  
  foreach ($q->opts as &$tmp) {
    if (isset($tmp->id)) {
      DbUtils::update($myPdo, 'pz_ecom_product_option', $tmp);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_product_option', $tmp);
    }
  }
  
  echo json_encode(array());
}

function option($myPdo) {
if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $myPdo->exec('UPDATE `pz_ecom_product` AS `t` LEFT JOIN `pz_ecom_product_attribute` AS `t1` ON `t1`.`product_track_id` = `t`.`track_id` SET `t`.`date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `t1`.`id` = \'' . $q->attribute_id . '\'');
  
  if ($q->is_default == 1) {
    $myPdo->exec('UPDATE `pz_ecom_product_option` SET is_default = 0 WHERE `attribute_id` = \'' . $q->attribute_id . '\'');
  } else {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.attribute_id = :v1';
    $cond_vals->v = array(':v1' => $q->attribute_id);
    if (count(DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_option', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d) == 0) {
      $q->is_default = 1;
    }
  }
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_product_option', $q);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_product_option', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function delete_product_image($myPdo) {
if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode($_POST['q']);
  
  $myPdo->exec('UPDATE `pz_ecom_product` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q->product_track_id . '\'');
  
  $q->path = $q->large;
  $q->path_tn = $q->small;
  __remove_product_image($myPdo, $q);
  echo json_encode(array());
}

function delete_option_image($myPdo) {
if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode($_POST['q']);
  
  $myPdo->exec('UPDATE `pz_ecom_product` AS `t` LEFT JOIN `pz_ecom_product_attribute` AS `t1` ON `t1`.`product_track_id` = `t`.`track_id` SET `t`.`date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `t1`.`id` = \'' . $q->attribute_id . '\'');
  
  if (file_exists($q->large)) {
    unlink($q->large);
  }
  
  if (file_exists($q->small)) {
    unlink($q->small);
  }
  
  $myPdo->exec('UPDATE `pz_ecom_product_option` SET image_path = \'\', image_path_tn = \'\' WHERE `id` = \'' . $q->id . '\'');
  echo json_encode(array());
}

function delete_option($myPdo) {
if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode($_POST['q']);
  
  $myPdo->exec('UPDATE `pz_ecom_product` AS `t` LEFT JOIN `pz_ecom_product_attribute` AS `t1` ON `t1`.`product_track_id` = `t`.`track_id` SET `t`.`date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `t1`.`id` = \'' . $q->attribute_id . '\'');
  
  if ($q->is_default == 1) {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.attribute_id = :v1 AND t.id != :v2';
    $cond_vals->v = array(':v1' => $q->attribute_id, ':v2' => $q->id);
    $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_option', $cond_vals, NULL, NULL, 1, 1, NULL)->d;
    if (count($array) == 1) {
      $array[0]->is_default = 1;
      DbUtils::update($myPdo, 'pz_ecom_product_option', $array[0]);
    }
  }
  
  __remove_option($myPdo, $q);
  echo json_encode(array());
}

function delete_products($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode($_POST['q']);
  foreach ($q as &$product) {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.product_track_id = :v1';
    $cond_vals->v = array(':v1' => $product->track_id);
    $attributes = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_attribute', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    foreach ($attributes as &$attribute) {
      $cond_vals = new stdClass();
      $cond_vals->c = 't.attribute_id = :v1';
      $cond_vals->v = array(':v1' => $attribute->id);
      $options = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_option', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
      foreach ($options as &$option) {
        __remove_option($myPdo, $option);
      }
      __remove_attribute($myPdo, $attribute);
    }
    
    $cond_vals = new stdClass();
    $cond_vals->c = 't.product_track_id = :v1';
    $cond_vals->v = array(':v1' => $product->track_id);
    $images = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_image', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    foreach ($images as &$image) {
      __remove_product_image($myPdo, $image);
    }
    
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $product->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_product', $cond_vals);
  }
  echo json_encode(array());
}

function delete_attributes($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode($_POST['q']);
  
  if (count($q) > 0) {
    $myPdo->exec('UPDATE `pz_ecom_product` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q[0]->product_track_id . '\'');
  }
  
  foreach ($q as &$attribute) {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.attribute_id = :v1';
    $cond_vals->v = array(':v1' => $attribute->id);
    $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_product_option', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    foreach ($array as &$option) {
      __remove_option($myPdo, $option);
    }
    __remove_attribute($myPdo, $attribute);
  }
  echo json_encode(array());
}

function set_default_option($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
	$q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $myPdo->exec('UPDATE `pz_ecom_product` AS `t` LEFT JOIN `pz_ecom_product_attribute` AS `t1` ON `t1`.`product_track_id` = `t`.`track_id` SET `t`.`date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `t1`.`id` = \'' . $q->attribute_id . '\'');
  
  $myPdo->exec('UPDATE `pz_ecom_product_option` SET is_default = 0 WHERE `attribute_id` = \'' . $q->attribute_id . '\'');
  $q->is_default = 1;
  DbUtils::update($myPdo, 'pz_ecom_product_option', $q);
  echo json_encode($q);
}

function __remove_product_image($myPdo, $image) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  if (file_exists($image->path)) {
    unlink($image->path);
  }
  
  if (file_exists($image->path_tn)) {
    unlink($image->path_tn);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $image->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_product_image', $cond_vals);
}

function __remove_attribute($myPdo, $attribute) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  if (file_exists($attribute->image_path)) {
    unlink($attribute->image_path);
  }
  
  if (file_exists($attribute->image_path_tn)) {
    unlink($attribute->image_path_tn);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $attribute->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_product_attribute', $cond_vals);
}

function __remove_option($myPdo, $option) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  if (file_exists($option->image_path)) {
    unlink($option->image_path);
  }
  
  if (file_exists($option->image_path_tn)) {
    unlink($option->image_path_tn);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $option->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_product_option', $cond_vals);
};

function customer($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->id)) {
    if (isset($q->_password)) {
      $q->password = md5($q->_password);
    }
    DbUtils::update($myPdo, 'pz_ecom_customer', $q);
  } else {
    $q->password = md5($q->password);
    $q->date_added = date("Y-m-d H:i:s");
    $q->date_last_mod = date("Y-m-d H:i:s");
    DbUtils::add($myPdo, 'pz_ecom_customer', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function update_customer($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->c)) {
    if (isset($q->c->_password)) {
      $q->c->password = md5($q->c->_password);
    }
    $q->c->date_last_mod = date("Y-m-d H:i:s");
    DbUtils::update($myPdo, 'pz_ecom_customer', $q->c);
  }
  
  if ($q->a) {
    if (isset($q->a->id)) {
      DbUtils::update($myPdo, 'pz_ecom_customer_address', $q->a);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_customer_address', $q->a);
    }
  }
  
  echo json_encode(array());
}

function delete_customer_image($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  
  $myPdo->exec('UPDATE `pz_ecom_customer` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q->customer_track_id . '\'');
  
  $q->path = $q->large;
  $q->path_tn = $q->small;
  __remove_customer_image($myPdo, $q);
  echo json_encode(array());
}

function __remove_customer_image($myPdo, $image) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  if (file_exists($image->path)) {
    unlink($image->path);
  }
  
  if (file_exists($image->path_tn)) {
    unlink($image->path_tn);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $image->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_customer_image', $cond_vals);
}

function address($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $myPdo->exec('UPDATE `pz_ecom_customer` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q->customer_track_id . '\'');
  
  if ($q->is_default == 1) {
    $myPdo->exec('UPDATE `pz_ecom_customer_address` SET is_default = 0 WHERE `customer_track_id` = \'' . $q->customer_track_id . '\'');
  } else {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.customer_track_id = :v1';
    $cond_vals->v = array(':v1' => $q->customer_track_id);
    if (count(DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_customer_address', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d) == 0) {
      $q->is_default = 1;
    }
  }
  
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_customer_address', $q);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_customer_address', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function delete_addresses($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  
  if (count($q) > 0) {
    $myPdo->exec('UPDATE `pz_ecom_customer` SET `date_last_mod` = \'' . date("Y-m-d H:i:s") . '\' WHERE `track_id` = \'' . $q[0]->customer_track_id . '\'');
  }
  
  $customer_track_id = 0;
  $is_no_default = 0;
  foreach ($q as &$address) {
    if ($address->is_default == 1) {
      $is_no_default = 1;
    }
    $customer_track_id = $address->customer_track_id;
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $address->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_customer_address', $cond_vals);
  }
  $myPdo->commit();
  $myPdo->beginTransaction();
  if ($is_no_default == 1) {
    $cond_vals = new stdClass();
    $cond_vals->c = 't.customer_track_id = :v1';
    $cond_vals->v = array(':v1' => $customer_track_id);
    $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_customer_address', $cond_vals, 't.order', 'ASC', 1, 1, NULL)->d;
    if (count($array) == 1) {
      $array[0]->is_default = 1;
      DbUtils::update($myPdo, 'pz_ecom_customer_address', $array[0]);
    }
  }
  echo json_encode(array());
}

function delete_customers($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  foreach ($q as &$customer) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'customer_track_id = :v1';
    $cond_vals->v = array(':v1' => $customer->track_id);
    $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_customer_image', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    foreach ($array as &$image) {
      __remove_customer_image($myPdo, $image);
    }
    
    $cond_vals = new stdClass();
    $cond_vals->c = 'customer_track_id = :v1';
    $cond_vals->v = array(':v1' => $customer->track_id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_customer_image', $cond_vals);
    
    $cond_vals = new stdClass();
    $cond_vals->c = 'customer_track_id = :v1';
    $cond_vals->v = array(':v1' => $customer->track_id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_customer_address', $cond_vals);
    
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $customer->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_customer', $cond_vals);
  }
  echo json_encode(array());
}

function payment($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_mthd_payment', $q);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_mthd_payment', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function update_payment($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->p)) {
    DbUtils::update($myPdo, 'pz_ecom_mthd_payment', $q->p);
  }
  
  echo json_encode(array());
}

function delete_payments($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  foreach ($q as &$payment) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $payment->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_mthd_payment', $cond_vals);
  }
  echo json_encode(array());
}


function shipping($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->id)) {
    DbUtils::update($myPdo, 'pz_ecom_mthd_shipping', $q);
  } else {
    DbUtils::add($myPdo, 'pz_ecom_mthd_shipping', $q);
  }
  $q->id = $myPdo->lastInsertId();
  echo json_encode($q);
}

function update_shipping($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->p)) {
    DbUtils::update($myPdo, 'pz_ecom_mthd_shipping', $q->p);
  }
  
  echo json_encode(array());
}

function delete_shippings($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  foreach ($q as &$payment) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $payment->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_mthd_shipping', $cond_vals);
  }
  echo json_encode(array());
}

function __remove_order_purchase_attr($myPdo, $attr) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $cond_vals = new stdClass();
  $cond_vals->c = 'attribute_track_id = :v1';
  $cond_vals->v = array(':v1' => $attr->track_id);
  $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_purchase_option', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  foreach ($array as &$opt) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $opt->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_purchase_option', $cond_vals);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $attr->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_purchase_attribute', $cond_vals);
}

function __remove_order_purchase($myPdo, $pur) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $cond_vals = new stdClass();
  $cond_vals->c = 'purchase_track_id = :v1';
  $cond_vals->v = array(':v1' => $pur->track_id);
  $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_purchase_attribute', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  foreach ($array as &$attr) {
    __remove_order_purchase_attr($myPdo, $attr);
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = 'id = :v1';
  $cond_vals->v = array(':v1' => $pur->id);
  DbUtils::deleteByCond($myPdo, 'pz_ecom_purchase', $cond_vals);
}

function delete_orders($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  foreach ($q as &$order) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'order_id = :v1';
    $cond_vals->v = array(':v1' => $order->id);
    $array = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_purchase', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
    foreach ($array as &$pur) {
      __remove_order_purchase($myPdo, $pur);
    }

    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $order->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_order', $cond_vals);
  }
  echo json_encode(array());
}

function update_purchase($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $delattr = array();
  $upattr = array();
  $delopt = array();
  $upopt = array();
  
  foreach ($q->a->attributes as &$attr) {
    foreach ($attr->options as &$opt) {
      if (isset($opt->deleted) && $opt->deleted == 1) {
        $delopt[] = $opt;
      } else {
        $upopt[] = $opt;
      }
    }
    unset($attr->options);
    if (isset($attr->deleted) && $attr->deleted == 1) {
      $delattr[] = $attr;
    } else {
      $upattr[] = $attr;
    }
  }
  
  foreach ($delattr as &$da) {
    unset($da->deleted);
    DbUtils::delete($myPdo, 'pz_ecom_purchase_attribute', $da);
  }
  
  foreach ($upattr as &$ua) {
    if (isset($ua->id)) {
      DbUtils::update($myPdo, 'pz_ecom_purchase_attribute', $ua);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_purchase_attribute', $ua);
      $ua->id = $myPdo->lastInsertId();
    }
  }
   
  foreach ($delopt as &$do) {
    unset($do->deleted);
    DbUtils::delete($myPdo, 'pz_ecom_purchase_option', $do);
  }
  
  foreach ($upopt as &$uo) {
    if (isset($uo->id)) {
      DbUtils::update($myPdo, 'pz_ecom_purchase_option', $uo);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_purchase_option', $uo);
      $uo->id = $myPdo->lastInsertId();
    }
  }
  $product = $q->a->product;
  unset($q->a->attributes);
  unset($q->a->product);
  $q->a->date_last_mod = date("Y-m-d H:i:s");
  DbUtils::update($myPdo, 'pz_ecom_purchase', $q->a);
  
  $q->a->attributes = array();
  $attribute = new stdClass();
  
  foreach ($upattr as &$attr) {
    $attr->options = array();
    foreach ($upopt as &$opt) {
      if ($opt->attribute_track_id == $attr->track_id) {
        $attr->options[] = $opt;
      }
    }
    $q->a->attributes[] = $attr;
  }
  $q->a->product = $product;
  echo json_encode($q->a);
}

function update_order($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  require_once dirname(__FILE__) . '/../includes/MiscUtils.class.php';
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if ($q->order->addr_id == -1) {
    $order = 0;
    $result = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_customer_address', NULL, 't.order', 'DESC', 1, 1, NULL)->d;
    if (count($result) > 0) {
      $order = $result[0]->order;
    }
    
    $cond_vals = new stdClass();
    $cond_vals->c = 't.id = :v1';
    $cond_vals->v = array(':v1' => $q->order->customer_id);
    $customer = DbUtils::get(DbUtils::createPdoInst(), 'pz_ecom_customer', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d[0];
    
    $tmp = new stdClass();
    $tmp->track_id = MiscUtils::unique();
    $tmp->customer_track_id = $customer->track_id;
    $tmp->name = $q->order->addr_name;
    $tmp->tel = $q->order->addr_tel;
    $tmp->mob = $q->order->addr_mob;
    $tmp->zip = $q->order->addr_zip;
    $tmp->address = $q->order->addr_address;
    $tmp->suburb = $q->order->addr_suburb;
    $tmp->city = $q->order->addr_city;
    $tmp->state = $q->order->addr_state;
    $tmp->country = $q->order->addr_country;
    $tmp->is_default = 0;
    $tmp->order = $order + 1;
    DbUtils::add($myPdo, 'pz_ecom_customer_address', $tmp);
    $q->order->addr_id = $myPdo->lastInsertId();
  }
  
  unset($q->order->purchases);
  $q->order->date_last_mod = date("Y-m-d H:i:s");
  DbUtils::update($myPdo, 'pz_ecom_order', $q->order);
  
  echo json_encode(array());
}

function add_purchase($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  if (isset($q->p)) {
    $q->p->date_added = date("Y-m-d H:i:s");
    $q->p->date_last_mod = date("Y-m-d H:i:s");
    DbUtils::add($myPdo, 'pz_ecom_purchase', $q->p);
  }
  
  foreach ($q->a as &$tmp) {
    if (isset($tmp->id)) {
      DbUtils::update($myPdo, 'pz_ecom_purchase_attribute', $tmp);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_purchase_attribute', $tmp);
    }
  }
  
  foreach ($q->opts as &$tmp) {
    if (isset($tmp->id)) {
      DbUtils::update($myPdo, 'pz_ecom_purchase_option', $tmp);
    } else {
      DbUtils::add($myPdo, 'pz_ecom_purchase_option', $tmp);
    }
  }
  
  echo json_encode(array());
}

function delete_purchases($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  foreach ($q as &$pur) {
    if (isset($pur->attributes)) {
      foreach($pur->attributes as &$attr) {
        if (isset($attr->options)) {
          foreach ($attr->options as &$opt) {
            DbUtils::delete($myPdo, 'pz_ecom_purchase_option', $opt);
          }
        }
        DbUtils::delete($myPdo, 'pz_ecom_purchase_attribute', $attr);
      }
    }
    DbUtils::delete($myPdo, 'pz_ecom_purchase', $pur);
  }
  echo json_encode(array());
}

function delete_transactions($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', '[]'));
  
  $cond = '';
  $vals = array();
  foreach ($q as $idx => &$transaction) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $transaction->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_transaction', $cond_vals);
    $cond .= 'transaction_id = :v' . ($idx + 1);
    if ($idx < (count($q) - 1)) {
      $cond .= ' OR ';
    }
    $vals[':v' . ($idx + 1)] = $transaction->id;
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = $cond;
  $cond_vals->v = $vals;
  $orders = DbUtils::get($myPdo, 'pz_ecom_order', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  foreach ($orders as &$order) {
    $order->is_paid = 0;
    $order->transaction_id = 0;
    DbUtils::update($myPdo, 'pz_ecom_order', $order);
  }
  echo json_encode(array());
}

function save_transaction($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', array()));
  if (!isset($q->id)) {
    $q->date_added = date("Y-m-d H:i:s");
    $q->date_last_mod = date("Y-m-d H:i:s");
    $q->date_paid = date("$q->_paidYear-$q->_paidMonth-$q->_paidDay");
    DbUtils::add($myPdo, 'pz_ecom_transaction', $q);
    $q->id = $myPdo->lastInsertId();
  } else {
    $q->date_last_mod = date("Y-m-d H:i:s");
    $q->date_paid = date("$q->_paidYear-$q->_paidMonth-$q->_paidDay");
    DbUtils::update($myPdo, 'pz_ecom_transaction', $q);
  }
  
  $myPdo->exec("UPDATE pz_ecom_order SET transaction_id = 0 WHERE transaction_id = $q->id");
  
  $tmp = new stdClass();
  $tmp->id = $q->_oid;
  $tmp->transaction_id = $q->id;
  $tmp->is_paid = 1;
  DbUtils::update($myPdo, 'pz_ecom_order', $tmp);
  echo json_encode(array());
}

function find_order($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $result = new stdClass();
  $q = MiscUtils::getParam('q', '');
  $cond_vals = new stdClass();
  $cond_vals->c = '`t`.`order_no` = :v1';
  $cond_vals->v = array(':v1' => $q);
  $tmp = DbUtils::get($myPdo, 'pz_ecom_order', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  if (count($tmp) > 0) {
    $result->order = $tmp[0];
    $cond_vals = new stdClass();
    $cond_vals->c = '`t`.`order_id` = :v1';
    $cond_vals->v = array(':v1' => $tmp[0]->id);
    $result->purchases = DbUtils::get($myPdo, 'pz_ecom_purchase', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  }
  
  echo json_encode($result);
}

function save_parcel($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode(MiscUtils::getParam('q', array()));
  if (!isset($q->id)) {
    $q->date_added = date("Y-m-d H:i:s");
    $q->date_last_mod = date("Y-m-d H:i:s");
    $q->date_delivery = date("$q->d_year-$q->d_month-$q->d_day");
    DbUtils::add($myPdo, 'pz_ecom_parcel', $q);
    $q->id = $myPdo->lastInsertId();
  } else {
    $q->date_last_mod = date("Y-m-d H:i:s");
    $q->date_delivery = date("$q->d_year-$q->d_month-$q->d_day");
    DbUtils::update($myPdo, 'pz_ecom_parcel', $q);
  }

  $myPdo->exec("UPDATE pz_ecom_order SET parcel_id = 0 WHERE parcel_id = $q->id");
  
  $tmp = new stdClass();
  $tmp->id = $q->_oid;
  $tmp->is_shipped = 1;
  $tmp->parcel_id = $q->id;
  DbUtils::update($myPdo, 'pz_ecom_order', $tmp);
  echo json_encode(array());
}

function delete_parcels($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  $cond = '';
  $vals = array();
  foreach ($q as $idx => &$parcel) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $parcel->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_parcel', $cond_vals);
    $cond .= 'parcel_id = :v' . ($idx + 1);
    if ($idx < (count($q) - 1)) {
      $cond .= ' OR ';
    }
    $vals[':v' . ($idx + 1)] = $parcel->id;
  }
  
  $cond_vals = new stdClass();
  $cond_vals->c = $cond;
  $cond_vals->v = $vals;
  $orders = DbUtils::get($myPdo, 'pz_ecom_order', $cond_vals, NULL, NULL, NULL, NULL, NULL)->d;
  foreach ($orders as &$order) {
    $order->is_shipped = 0;
    $order->parcel_id = 0;
    DbUtils::update($myPdo, 'pz_ecom_order', $order);
  }
  echo json_encode(array());
}

function delete_categories($myPdo) {
  if (!isset($_SESSION[USER])) {
    return;
  }
  $q = json_decode($_POST['q']);
  foreach ($q as &$category) {
    $cond_vals = new stdClass();
    $cond_vals->c = 'id = :v1';
    $cond_vals->v = array(':v1' => $category->id);
    DbUtils::deleteByCond($myPdo, 'pz_ecom_category', $cond_vals);
  }
  echo json_encode(array());
}
?>